[PM-5533] migrate provider keys (#7649)

* Provide RSA encryption in encrypt service * Define state for provider keys * Require cryptoService This is temporary until cryptoService has an observable active user private key. We don't want promise-based values in derive functions * Update crypto service provider keys to observables * Remove provider keys from state service * Migrate provider keys out of state account object * Correct Provider key state types * Prefix migration with current version number
2025-12-15 07:43:35 +00:00 · 2024-01-29 16:53:01 -05:00
parent c199f02d44
commit 3a9dead640
16 changed files with 485 additions and 118 deletions
--- a/libs/common/src/platform/abstractions/crypto.service.ts
+++ b/libs/common/src/platform/abstractions/crypto.service.ts
@@ -4,7 +4,7 @@ import { ProfileOrganizationResponse } from "../../admin-console/models/response
 import { ProfileProviderOrganizationResponse } from "../../admin-console/models/response/profile-provider-organization.response";
 import { ProfileProviderResponse } from "../../admin-console/models/response/profile-provider.response";
 import { KdfConfig } from "../../auth/models/domain/kdf-config";
-import { OrganizationId } from "../../types/guid";
+import { OrganizationId, ProviderId } from "../../types/guid";
 import { UserKey, MasterKey, OrgKey, ProviderKey, PinKey, CipherKey } from "../../types/key";
 import { KeySuffixOptions, KdfType, HashPurpose } from "../enums";
 import { EncArrayBuffer } from "../models/domain/enc-array-buffer";
@@ -229,6 +229,7 @@ export abstract class CryptoService {
   * provider keys currently in memory
   * @param providers The providers to set keys for
   */
+  activeUserProviderKeys$: Observable<Record<ProviderId, ProviderKey>>;
  setProviderKeys: (orgs: ProfileProviderResponse[]) => Promise<void>;
  /**
   * @param providerId The desired provider
@@ -236,9 +237,9 @@ export abstract class CryptoService {
   */
  getProviderKey: (providerId: string) => Promise<ProviderKey>;
  /**
-   * @returns A map of the provider Ids to their symmetric keys
+   * @returns A record of the provider Ids to their symmetric keys
   */
-  getProviderKeys: () => Promise<Map<string, ProviderKey>>;
+  getProviderKeys: () => Promise<Record<ProviderId, ProviderKey>>;
  /**
   * @param memoryOnly Clear only the in-memory keys
   * @param userId The desired user